Country Block
-
Thanks Tomy :)
-
Really good package Tommy, thanks for your help.
-
I am currently running 1.2.3-RELEASE and thanks on the post with information on BlackBerry. I was able to find the CIDR range our BB are using for service. The only thing I am still trying to figure out is how to block the rest of the Country without manually creating an ALIAS list of CANADA IP's? I noticed that the texted is correct under the package interface when making a change to the firewall, that you must save/update the Country Block package to get it running again everytime you make a firewall change. Country Block itself seems to run good without the help of cron. What I think would be neat is to be able to do a block all country and then input an unblock CIDR option under the selected country, that way the whole country would be blocked other than a specified CIDR or list of CIDR's and ranges. Something else I think would be cool is having a log or barnyard dump of data so you can see statistics on blocked country IP's and where the major attacks and brech attempts are comning from.
The package itself is very cool and in early development, but yet is is so effective. I would love to see the Country Block package become a standard integrated part of the pfsense install along with a few other packages such as IP Block, SNORT, Deep Packet Inspection, and E-mail filtering forwarder.
Thanks for all the support and help on this package.
Matt
-
Why don't you locate the store for the canadian IPs on your local file system and remove the IP range in question?
-
g4m3c4ck
Not sure how to go about doing this? ???
Thanks,
Matt
-
Could it be setup so that those rules were applied at the end so that any allows above it in the firewall rules would allow the traffic. I am ssuming 2 things of course. 1. That the rules apply top down… 2. That the package can be configured as such.
Great package when I learned a couple of painful lessons.... ;D
-
g4m3c4ck
Not sure how to go about doing this? ???
Thanks,
Matt
Right now there is no really decent way to remove IPs from the countryblock table. I will have to make a whitelist addon for the package. Hopefully I can sit down and do that soon. I just haven't had the time.
-
This package has singlehandedly cut down 99,9% of all attemps to hack my SQL databases…. Now I just need the IE fix. Then I will have to promote Tommy to a godlike status.....:D
Thx buddy. This is absolutely one of the best features of PFSense !!
-
The hard way of solving your problem would be to ssh into your router or manually go to the computer and goto shell.
cd /usr/local/www/packages/countryblock/lists
cp countries.txt countries.txt.bak
nano countries.txt
then find the ip range in question and remove
Keep in mind changes in the country block package will revert these steps.
-
Encountered an error in the system logs:
php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. export: 4: bad variable name'
Country Block keeps on saying "Current Status = NOT running", pkg reinstall didnt do the trick.
(pfSense 2.0-BETA3 built on Fri Jun 25 16:38:53 EDT 2010) -
Is this in Firefox or IE?
Encountered an error in the system logs:
php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. export: 4: bad variable name'
Country Block keeps on saying "Current Status = NOT running", pkg reinstall didnt do the trick.
(pfSense 2.0-BETA3 built on Fri Jun 25 16:38:53 EDT 2010) -
Firefox.
-
Are you running any other packages on the box?
-
RRD Summary and snort
-
Make a backup and then uninstall Snort. Test again.
-
after deleting snort and reinstalling country block more errors:
Jun 27 20:10:42 php: /packages/countryblock/countryblock.php: The command 'sh execute.sh' returned exit code '2', the output was '0 table deleted. export: 4: bad variable name'
Jun 27 20:09:04 php: /packages/countryblock/countryblock.php: The command 'rm errorOUT.txt' returned exit code '1', the output was 'rm: errorOUT.txt: No such file or directory'
Jun 27 20:09:04 php: /packages/countryblock/countryblock.php: The command 'rm -R /usr/local/www/packages/countryblock/lists' returned exit code '1', the output was 'rm: /usr/local/www/packages/countryblock/lists: No such file or directory'
Jun 27 20:08:58 php: /packages/countryblock/countryblock.php: The command 'rm errorOUT.txt' returned exit code '1', the output was 'rm: errorOUT.txt: No such file or directory'
Jun 27 20:08:58 php: /packages/countryblock/countryblock.php: The command 'rm -R /usr/local/www/packages/countryblock/lists' returned exit code '1', the output was 'rm: /usr/local/www/packages/countryblock/lists: No such file or directory'
Jun 27 20:07:53 php: /pkg_mgr_install.php: Beginning package installation for Country Block. -
Can you make a clean install of PFsense and try again??? Just to exclude a corrupted install….
-
Now that you mentioned it, I did a fresh install a few hours ago, BUT I used an old config file from BETA-1 release so this could be the issue. I will reinstall tommorow and try country block before restoring the old config file again.
-
;)
-
Tommy - Get your butt moving man. We need to be able to edit the block lists. I know your just slacking at home. :o